top of page

Privacy Policy



  • Gerillaz OÜ, referred to as "we," "our," "us," or "the Company," is deeply committed to safeguarding the privacy and security of the information we gather, and we are dedicated to maintaining transparency regarding how we collect and process your data. This document, known as the "Privacy Policy," outlines our policies and procedures for managing the data we obtain from you or about you. It pertains to the game websites and online services we oversee, as well as those linked to this Privacy Policy. This includes our game website (the "Website"), mobile apps (the "Apps"), online communities, and customer services, collectively referred to as the "Services."

  • Please note that this Privacy Policy does not encompass our practices related to your use of the WEMIX wallet product. If you seek information on how your personal data is collected and processed while using the WEMIX wallet, please click here.

  • We urge you to thoroughly review this Privacy Policy, alongside any additional notices we might furnish on specific occasions when we collect or process your personal data. This will ensure that you understand how and why we utilize your personal data and are aware of your rights in accordance with relevant data protection laws.

  • For California residents, please consult our California Privacy Statement for additional information.














In this document, "personal data" refers to any information concerning an identified or identifiable individual. We gather and process the following categories of personal data when you utilize our Services:

  • Contact Information: This includes your phone number and email address.

  • Registration Information: This comprises authentication tokens issued by third-party platforms (e.g., Google, Apple, Facebook) used for login, guest account IDs and passwords (if you play without logging in), and your in-game or character nickname.

  • Automatically Collected Information: We collect data like cookies and in-game logs (e.g., quest logs and war logs). For more details, please consult our Cookie Policy. Additionally, we collect certain personal data if you wish to use specific services we offer. This includes information needed to process your purchases through third-party platforms like the Apple App Store (e.g., country code, player key, receipt information), data required to link your game account with your WEMIX wallet account (e.g., WEMIX wallet address, WEMIX wallet ID, UUID), details necessary to manage inquiries and requests from you, and information essential for event organization (e.g., in-game nickname or server name).

We acquire this information either directly from you or from other sources, which may include other users of our Services and third-party services and organizations (e.g., Google, Apple, Facebook). Refer to Appendix II for more information on personal data collected from third parties. Please note that without this information, we may not be able to provide you with the requested services, and differences in the services provided may be related to the information you provide.


We do not collect sensitive information (e.g., racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, genetic data, biometric data, data concerning health, data concerning a natural person's sex life or sexual orientation) or data related to criminal convictions and offenses.




We will utilize your personal data for the following purposes:

  • Provision of Services: We use your information to establish and maintain user accounts, enable the functionality of our Services, customize the Services, offer forum and community features, respond to your inquiries, and manage events.

  • Enhancement of Service Quality: Your information helps us maintain, enhance, and administer our Services. This includes troubleshooting, data analytics, and testing.

  • Security: We use your data to safeguard our Services and users. This encompasses detecting users engaged in illegal activities involving our programs and addressing fraud, abuse, security risks, and technical issues.

  • Electronic Correspondence: We may communicate with you via email or other means to handle inquiries and requests from you or to discuss your use of the Services. Upon your request, we may also send electronic newsletters.

  • Compliance with Laws and Regulations: Your information may be used to ensure compliance with legal obligations, settle disputes, enforce our contractual agreements, and establish, exercise, or defend legal claims.

We process your personal data based on various legal bases as outlined in Appendix I. These include fulfilling a contract with you, complying with legal obligations, and pursuing legitimate interests. We may also process your data to protect interests, obtain your consent, or defend or pursue legal claims. Refer to Appendix I for more information on these legal bases.



  • We do not engage in profiling or other automated decision-making processes in our interactions with you.


We may share your personal data with third parties in the following situations:

  • Service Providers: We use third-party vendors and service providers (data processors) to process your personal information as outlined in this policy. These data processors follow our instructions, adhere to this policy, and are subject to confidentiality and security obligations.

  • Business Transfers: Your information may be shared in connection with significant corporate transactions, such as website sales, mergers, consolidations, asset sales, initial public offerings, or in cases of bankruptcy.

  • Legal Obligations: We may transfer your personal data to law enforcement agencies, governmental authorities, legal counsel, and external consultants in compliance with data protection laws. This is done to meet legal obligations or pursue our legitimate interests, such as exercising or defending legal claims.

  • With Your Consent: We may share information about you with third parties when you have provided consent.

Our services enable you to upload and share messages and other content with others. When engaging in public activities on the Services, please be aware that the information you share may be read, collected, or used by other users of these areas. Exercise discretion and caution when disclosing information in these public areas. We are not responsible for information you choose to submit in these contexts.

If a recipient of your personal data is located outside of the EU and the European Economic Area (“EEA”) in a country not recognized by the European Commission as ensuring an adequate level of data protection, we will implement appropriate measures to protect your personal data when transferred outside your home country. These measures include data transfer agreements implementing European Commission's Standard Contractual Clauses, pre-approved as providing adequate safeguards for personal data. You can request a copy of these measures by contacting us as described above.




  • We do not knowingly collect or sell information from children, as defined by applicable law, without parental consent or as otherwise permitted by applicable law.



We have implemented appropriate security measures to prevent the accidental loss, misuse, or unauthorized access, alteration, or disclosure of your personal data. Access to your personal data is limited to employees, agents, contractors, and other third parties who require such access for legitimate business purposes. We have procedures in place to address suspected data security breaches and will notify you and any relevant regulator of such breaches if required by law.




We will retain your personal data only for as long as necessary to fulfill the purposes outlined above, including legal, accounting, or reporting requirements. The appropriate retention period for personal data is determined by considering factors such as the amount, nature, and sensitivity of the data, potential risks from unauthorized use or disclosure, the purposes of data processing, and whether those purposes can be achieved through alternative means, as well as applicable legal requirements.


In general, most of your data will be deleted within 72 hours after the termination of our relationship with you. However, certain personal data will be retained for different periods in specific circumstances:

  • Information related to inquiries submitted to our customer service center: Retained for 3 years.

  • Information related to your participation in an event: Retained for 1 month.

Notwithstanding the above, we may keep your personal data as long as required to comply with legal or regulatory obligations to which we are subject.




Your Responsibility to Keep Us Informed: Ensuring the accuracy and currency of the personal data we hold about you is essential. If you become aware of any changes or inaccuracies in your information, please promptly notify us. This allows us to update or rectify your information as needed.


Your Rights Regarding Personal Data: In accordance with applicable law, you may possess the following rights:

  • Access Request: You can request access to your personal data. This enables you to obtain a copy of the personal data we have and verify the lawful processing of your data.

  • Correction and Deletion: You have the right to request the correction and/or deletion of your personal data.

  • Processing Restriction: You can request the restriction of the processing of your personal data.

  • Data Portability: You may request the receipt or transmission of the personal data you've provided to us in a machine-readable format.

  • Objection: You can object to the processing of your personal data by us at any time.

  • Withdraw Consent: If we rely on your consent for processing your data, you have the right to withdraw your consent.

To exercise any of these rights, please contact us using the contact details provided at the end of this policy. For security reasons, we may need to verify your identity and confirm your right to access the personal data or exercise any other rights. This is a necessary security measure to ensure that personal data is not disclosed to unauthorized individuals.


If you wish to file a complaint regarding our handling of your personal data, please contact us, and we will strive to address your request promptly. If you believe that our processing of your information is unlawful, you have the option to lodge a complaint with a supervisory authority. In the EU, you can locate the supervisory authority for your country and their contact information here. In the UK, the supervisory authority is the Information Commissioner’s Office, and you can contact them here.




To ensure that this policy aligns with our evolving practices and services, we will periodically update it. We are committed to complying with relevant data protection laws and will take necessary steps to inform you of any significant changes. When we make revisions to this policy, we will modify the "Last Updated" date located at the top of this document.


Purposes for Processing USER Data



bottom of page